摘要
分析了IM面临的主要安全威胁及其特点,阐述并借鉴了现有的解决方案,提出了一套即时通信(IM)安全保护策略,利用公钥基础设施机制、"安全套接字层"、CAPTCHA等技术,通过加密、签名、验证签名、解密、CAPTCHA验证和IM消息流量监控等方法,保障了IM的连接安全和数据交换安全,保护了IM系统的配置信息和通信记录,减轻了病毒和蠕虫的威胁。
This paper analyzes the main threats that instant messaging(IM) confronted, its characteristics, and solutions in existing applications, proposes a suit of strategies to secure IM. This paper introduces the public key infrastructure(PKI) mechanism into IM, adopting techniques such as security socket layer(SSL) and CAPTCHA, and methods such as encryption, signature, signature verification, decryption, CAPTCHA validation and IM message flux monitoring, so as to ensure the security of IM connections and data communications, protect the configurations and notes of IM system, and lighten viruses and worms threats.
出处
《计算机工程》
CAS
CSCD
北大核心
2007年第21期125-127,共3页
Computer Engineering
关键词
即时通信
安全套接字层
加密
蠕虫
instant messaging
security socket laver
encrypt
worm
